diff options
| author | Tomasz Maczukin <tomasz@maczukin.pl> | 2017-03-15 00:27:10 +0100 |
|---|---|---|
| committer | Kamil Trzcinski <ayufan@ayufan.eu> | 2017-03-20 09:40:36 +0100 |
| commit | bbf4d27a5c046f95b6fda109dcda109fd00298b1 (patch) | |
| tree | 20fabb8336543510712c24a0fd4434fc26181941 | |
| parent | 691402fb2b361ba19db3b8bdf77b75e513883423 (diff) | |
| download | gitlab-ce-bbf4d27a5c046f95b6fda109dcda109fd00298b1.tar.gz | |
Make runner's veryfication working again
In APIv1 we were using UpdateJob to verify if the runner exists. It was
the only method that was using Runner's token and used in special way
had no side effects (like scheduling a new job or unregisterring a
Runner).
In APIv4 we've change UpdateJob to use job's token as authentication
credentials, and that way we've removed the only endpoint that could
be used to verify if the Runner with a certain token exists in target
GitLab installation.
This commit adds `POST /api/v4/runners/verify` endpoint whose only
responsibility is to respond if Runner with posted credentials exists or
not.
| -rw-r--r-- | lib/api/runner.rb | 11 | ||||
| -rw-r--r-- | spec/requests/api/runner_spec.rb | 28 |
2 files changed, 39 insertions, 0 deletions
diff --git a/lib/api/runner.rb b/lib/api/runner.rb index c700d2ef4a1..b80f7284735 100644 --- a/lib/api/runner.rb +++ b/lib/api/runner.rb @@ -47,6 +47,17 @@ module API authenticate_runner! Ci::Runner.find_by_token(params[:token]).destroy end + + desc 'Validates authentication credentials' do + http_codes [[200, 'Credentials are valid'], [403, 'Forbidden']] + end + params do + requires :token, type: String, desc: %q(Runner's authentication token) + end + post '/verify' do + authenticate_runner! + status 200 + end end resource :jobs do diff --git a/spec/requests/api/runner_spec.rb b/spec/requests/api/runner_spec.rb index 442b2df1952..2e0bdc08631 100644 --- a/spec/requests/api/runner_spec.rb +++ b/spec/requests/api/runner_spec.rb @@ -152,6 +152,34 @@ describe API::Runner do end end end + + describe 'POST /api/v4/runners/verify' do + let(:runner) { create(:ci_runner) } + + context 'when no token is provided' do + it 'returns 400 error' do + post api('/runners/verify') + + expect(response).to have_http_status :bad_request + end + end + + context 'when invalid token is provided' do + it 'returns 403 error' do + post api('/runners/verify'), token: 'invalid-token' + + expect(response).to have_http_status 403 + end + end + + context 'when valid token is provided' do + it 'deletes Runner' do + post api('/runners/verify'), token: runner.token + + expect(response).to have_http_status 200 + end + end + end end describe '/api/v4/jobs' do |